7.5

CVE-2002-0402

Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ethereal GroupEthereal Version0.9.1
Ethereal GroupEthereal Version0.9.2
Ethereal GroupEthereal Version0.9.3
Ethereal GroupEthereal Version0.9_.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.85% 0.909
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-037.0.txt
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505
http://marc.info/?l=bugtraq&m=102268626526119&w=2
http://www.debian.org/security/2002/dsa-130
Patch
Vendor Advisory
http://www.ethereal.com/appnotes/enpa-sa-00004.html
Patch
Vendor Advisory
URL Repurposed
http://www.redhat.com/support/errata/RHSA-2002-036.html
http://www.redhat.com/support/errata/RHSA-2002-088.html
http://www.iss.net/security_center/static/9203.php
http://www.redhat.com/support/errata/RHSA-2002-170.html
http://www.securityfocus.com/bid/4805